If this is your first visit, be sure to
check out the FAQ by clicking the
link above. You may have to register
before you can post: click the register link above to proceed. To start viewing messages,
select the forum that you want to visit from the selection below.

i don't know what means a F/P or false positive but:regarding to win32.pakes.x3 i can tell you the following: i let my KIS to quarantine the file regedit.exe!after this i was able to access the regedit utility but i was not able to use some files with extension .reg. i want to mention that i could use the files on other computers!i restored the regedit from quarantine but i had the same problem!!!when i looked at the .reg file i saw that it says that it is opened by %1..... lol.... i changed the open with file with regedit32.exe from windows/system32 and than i was able to use the .reg files!respectfully costin

Same problem here.
Zone alarm say I have a virus:
Trojan.Win32.Pakes.X3
located in;C:\windows\regedit.exe
C:windows\SERVIC~1\386regedit.exeand also in another location that cannot be deleted so it must be deleted on reboot.
It is also asking for my Windows service pack 2 cd so I can restore dammaged files.
But I have no such CD as I have the origional release of XP.So I downloaded Service Pack 2 (larger version) and installed it.Zone alarm wanted to reboot and so did service pack 2, and on the reboot their was an exemption and Zone Alarm failed to start.
Then I updated my Zone Alarm definition and rescanned my computer and had several new instances of the virus on my computer.
Anyway then I attempted to do a system restore and when the system rebooted a message came up saying that it was unable to restore my computer and to change the restore point.
My system is a fairly new clean install and my internet use is very minimal and I'm supprized I got a virus if I did?

Glen,The &quot;virus&quot; is a &quot;False Positive&quot;. In other words Zone Alarm &quot;found&quot; a &quot;virus&quot; that was NOT a virus. So if you tell ZoneAlarm to ignore the virus, and then update your virus definitions, and run another scan, you should be ok.
Supposedly there has been a fix issued already.
My questions are these:
1) What exactly happened here? Did windows update these files, and did that generate a warning that the files did not match? Or did ZoneAlarm cause all this? How did these files change?
2) Since I took the recommended action and deleted
then rebooted, I cannot get my registry editor back, even though I tried to &quot;restore&quot; the regedit.exe from the quarantine. How do I get my registry editor back? That reminds me.. I forgot my Windows CD. (darn it!).

<BLOCKQUOTE><HR>Tekncl-Kwestyn wrote:
Glen,The "virus" is a "False Positive". In other words Zone Alarm "found" a "virus" that was NOT a virus. So if you tell ZoneAlarm to ignore the virus, and then update your virus definitions, and run another scan, you should be ok.Supposedly there has been a fix issued already.My questions are these:1) What exactly happened here? Did windows update these files, and did that generate a warning that the files did not match? Or did ZoneAlarm cause all this? How did these files change?2) Since I took the recommended action and deletedthen rebooted, I cannot get my registry editor back, even though I tried to "restore" the regedit.exe from the quarantine. How do I get my registry editor back? That reminds me.. I forgot my Windows CD. (darn it!).
<HR></BLOCKQUOTE>
1. False positive are due toa virus update by kaspersky that incorrectly flag a pattern of virus into a legitimatefile. See here: http://forum.kaspersky.com/index.php?showtopic=42082. Not directly a ZA issue butthe AV portion by KAV. 2. Not sure I follow but if you have deleted the file there is no way to recover it. By default ZA quarantine not remove the suspect file/entry. You may want to read the post by GURU OLDSOD to recover a backup of regedit if you have removed it. See here: http://forums.zonealarm.com/zonelabs...essage.id=2275Hoep this help.Cheers,Fax

OK - I update all my antivirus and spyware programs daily and they run during the night as I leave my computer on. What does ZoneAlarm say to do next? I've seen one message where the user said to update the virus definitions etc., and that he then reinstalled the virus files. Is this the recommended fix or just wishful thinking.
Am I paranoid about reinstalling a virus - dambetcha!